PT-2025-42684 · Wikimedia Foundation · Mediawiki+1

Dom_Walden

Published

2025-10-18

Updated

2025-10-20

CVE-2025-62669

CVSS v4.0

6.9

Medium

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Name of the Vulnerable Software and Affected Versions Wikimedia Foundation Mediawiki - CentralAuth Extension versions prior to 1.39

Description A resource leak exposure exists in the Wikimedia Foundation Mediawiki - CentralAuth Extension. This allows for the potential exposure of sensitive information to an unauthorized actor.

Recommendations Update to version 1.39 or later.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2025-62669

Affected Products

Centralauth Extension

Mediawiki

PT-2025-42684 · Wikimedia Foundation · Mediawiki+1

CVE-2025-62669

Weakness Enumeration

Related Identifiers

Affected Products

References · 7